CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

Prion•added 2020/10/29 7:15 p.m.•8 views

Sql injection

An issue was discovered in EyesOfNetwork eonweb 5.3-7 through 5.3-8. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to exploit the usernameavailable function of the includes/functions.php file which is called by login.php...

7.5CVSS9.5AI score0.0209EPSS

Exploits0References3Affected Software1

Prion•added 2020/02/07 6:15 p.m.•17 views

Code injection

A vulnerability exits in Status2K 2.5 Server Monitoring Software via the multies parameter to includes/functions.php, which could let a malicious user execute arbitrary PHP code...

10CVSS7.5AI score0.46943EPSS

Exploits6References4

Tenable Nessus•added 2018/11/05 12:0 a.m.•11 views

WordPress 4.5.x < 4.5.12 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - wp-admin/user-new.php sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access...

8.8CVSS6.7AI score0.07945EPSS

Exploits0References6

WPVulnDB•added 2014/08/01 10:59 a.m.•10 views

Delightful Downloads 1.3.1.1 - includes/functions.php User-Agent HTTP Header Stored XSS

The Delightful Downloads WordPress plugin was affected by an includes/functions.php User-Agent HTTP Header Stored XSS security vulnerability...

0.2AI score

Exploits0Affected Software1

seebug.org•added 2009/07/30 12:0 a.m.•17 views

Orbis CMS 1.0 (AFD/ADF/ASU/SQL) Multiple Remote Vulnerabilities

No description provided by source. + Orbis CMS 1.0 AFD/ADF/ASU/SQL Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Dork : Powered by Orbis CMS + Download script : http://www.novo-ws.com/orbis-cms/download.shtml + Arbitrary File Download + -...

7.1AI score

Exploits0

Prion•added 2007/10/18 9:17 p.m.•11 views

Remote file inclusion

PHP remote file inclusion vulnerability in includes/functions.php in phpSCMS 0.0.1-Alpha1 allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this issue is disputed by CVE because the identified code is in a function that is not accessible via direct reques...

7.5CVSS7.7AI score0.0068EPSS

Exploits0References1Affected Software1

Debian CVE•added 2007/03/02 10:0 p.m.•20 views

CVE-2007-1230

Multiple cross-site scripting XSS vulnerabilities in wp-includes/functions.php in WordPress before 2.1.2-alpha allow remote attackers to inject arbitrary web script or HTML via 1 the Referer HTTP header or 2 the URI, a different vulnerability than CVE-2007-1049...

5.8CVSS3.8AI score0.00582EPSS

Exploits0

NVD•added 2007/02/06 2:28 a.m.•11 views

CVE-2007-0762

PHP remote file inclusion vulnerability in includes/functions.php in phpBB++ Build 100 allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

7.5CVSS7.5AI score0.1218EPSS

Exploits1References7

NVD•added 2006/09/14 10:7 a.m.•10 views

CVE-2006-4780

PHP remote file inclusion vulnerability in includes/functions.php in phpBB XS 0.58 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

7.5CVSS7.4AI score0.09178EPSS

Exploits0References7

securityvulns•added 2006/09/13 12:0 a.m.•39 views

AzzCoder => phpBB XS 0.58 Remote File Include

A important vulnerability into functions.php will allow a malicious user to insert a remote file. The Vulnerable Code: includeonce $phpbbrootpath . './includes/functionscategorieshierarchy.' . $phpEx ; The phpbbrootpath isn't initialize and PHPBBIN isn't checked...

3.7AI score

Exploits0